Social Engineering

The Dark Reading asked a rhetoric question recently: “When Will End Users Stop Being Fooled By Online Scams?” Well, you probably guessed the answer right away and it is “never”. I do not think it is possible to train the whole population of the planet in the intricacies of security. So the social engineering attacks in all of their variety are here to stay.

From this point of view, the “training” you get early in life matters, I think, quite a lot. I would hazard a guess that people who tried various social engineering tactics on their environment when they were kids are less gullible as a result. So we should not be so hard on our kids when we catch them lying and trying to trick others. Yes, they should know it is not acceptable. But they also should know how it is all done and kind of come to expect this trickery so they can distinguish social engineering attempts directed at them easier. So, do not punish them so hard, better teach them how to do it in a harmless way.